PEPPLER.ORG
Michael Peppler
Sybase Consulting
Menu
Home
Sybase on Linux
Install Guide for Sybase on Linux
General Sybase Resources
General Perl Resources
Freeware
Sybperl
Sybase::Simple
DBD::Sybase
BCP Tool
Bug Tracker
Mailing List Archive
Downloads Directory
FAQs
Sybase on Linux FAQ
Sybperl FAQ
Personal
Michael Peppler's resume

sybperl-l Archive

Up    Prev    Next    

From: "Avis, Ed" <avised at kbcfp dot com>
Subject: DBD::Sybase patch: look after password more carefully
Date: Oct 20 2003 11:39AM

Currently DBD::Sybase needs to prompt for a password to use in
the test suite.  But it echoes the password to the terminal
(both when entering it and again if you reconfigure) and writes
it in a file PWD which might be readable by others (depending on
umask).  Also PWD is not removed by 'make clean'.

This patch improves things by making the current example PWD file
be called PWD.factory, so that 'make clean' can remove the real
PWD containing the user's password.  When prompting for a
password it is not echoed.  PWD is created unreadable by others.
If PWD exists it is read for defaults on later configuration
(apart from password - that is never printed to the screen, so
there is no default answer), otherwise PWD.factory is read.

diff -rwu DBD-Sybase-1.01/MANIFEST DBD-Sybase-1.01-new/MANIFEST
--- DBD-Sybase-1.01/MANIFEST	2003-09-08 21:50:53.000000000 +0100
+++ DBD-Sybase-1.01-new/MANIFEST	2003-10-20 12:18:10.000000000
+0100
@@ -5,7 +5,7 @@
 README
 README.vms
 README.freetds
-PWD
+PWD.factory
 Sybase.h
 Sybase.pm
 Sybase.xs
diff -rwu DBD-Sybase-1.01/Makefile.PL DBD-Sybase-1.01-new/Makefile.PL
--- DBD-Sybase-1.01/Makefile.PL	2003-09-08 22:30:22.000000000 +0100
+++ DBD-Sybase-1.01-new/Makefile.PL	2003-10-20 12:23:05.000000000
+0100
@@ -22,6 +22,7 @@
 
 configure();
 
+my $written_pwd_file = 'PWD';
 configPwd();
 
 my $lddlflags = $Config{lddlflags};
@@ -33,7 +34,8 @@
 WriteMakefile('NAME'         => 'DBD::Sybase',
 	      LIBS           => [$lib_string],
 	      INC            => $inc_string,
-	      clean	     => { FILES=> 'Sybase.xsi' },
+ 	      clean	     => { FILES =>
+                             "Sybase.xsi $written_pwd_file" },
 	      OBJECT         => '$(O_FILES)',
 	      'VERSION_FROM' => 'Sybase.pm',
 	      'LDDLFLAGS'    => $lddlflags,
@@ -222,8 +224,15 @@
 }
 
 sub configPwd {
-    open(IN, "PWD") || die "Can't open PWD: $!";
     my %pwd;
+    my $pwd_file;
+    my @poss = ($written_pwd_file, 'PWD.factory');
+    foreach (@poss) {
+        $pwd_file = $_, last if -e;
+    }
+    die "could not find any of: @poss\n" if not defined $pwd_file;
+
+    open(IN, $pwd_file) || die "Can't open $pwd_file: $!";
     while() {
 	chomp;
 	next if(/^\s*\#/);
@@ -240,12 +249,30 @@
     $pwd{SRV} = getAns() || $pwd{SRV};
     print "User ID to log in to Sybase (default: $pwd{UID}): ";
     $pwd{UID} = getAns() || $pwd{UID};
-    print "Password (default: $pwd{PWD}): ";
-    $pwd{PWD} = getAns() || $pwd{PWD};
+
+    print "Password: ";
+    if (-t) {
+        # Stop the password being echoed.
+        require Term::ReadKey;
+        Term::ReadKey::ReadMode('noecho');
+    }        
+    $pwd{PWD} = getAns();
+    if (-t) {
+        print "\n";
+        Term::ReadKey::ReadMode('restore');
+    }
+
     print "Sybase database to use on $pwd{SRV} (default: $pwd{DB}): ";
     $pwd{DB} = getAns() || $pwd{DB};
 
-    open(OUT, ">PWD") || die "Can't open PWD: $!";
+    warn "\n* Writing login information, including password, to file
$written_pwd_file.\n\n";
+
+    # Create the file non-readable by anyone else.
+    my $old_umask = umask(077);
+    die "cannot umask(): $!" if not defined $old_umask;
+    open(OUT, ">$written_pwd_file") || die "Can't open
$written_pwd_file: $!";
+    umask($old_umask) != 077 && die "strange return from umask()";
+
     print OUT <